When does an experiment in networking technology become a public
utility? Does it happen on a single date, or is it a more gradual
process of incremental change? And at what point do you change that
way in which resources are managed to admit a broader spectrum of
public interests? And how are such interests to be expressed in the
context of the network itself, in terms of the players, their
motivation and the level of common interest in one network? While
many may be of the view that this has already happened some years
ago in the case of the Internet, when you take a global perspective
many parts of the world are only recently coming to appreciate the
significant role of the Internet in the broader context of enablers
of national wealth.

I'd like to take one example here to illustrate the forms of issues
that arise when public policy considerations of a national nature
are added into a resource management debate.

It could well be that November 2005 is recorded one of the landmark
months in the continuing story of the Internet. That month sees the
culmination of some years of preparation for the World Summit on the
Information Society, and it will be the time when a relatively
complete set of national delegations will meet, consider and
ultimately vote on a set of resolutions about the future structure
of the global communications industry from the perspective of an
international public policy perspective. Itís not the only show in
town of course and a few weeks later the Internet Corporation for
the Assignment of Names and Numbers will meet in Vancouver, and
continue their endeavours in advising the government of the United
States of America as to appropriate decisions regarding the carriage
of the domain name system, protocol parameter assignment and the
distribution of address resources, in the expectation that in the
following year ICANN will assume a greater level of autonomy in
undertaking this role.

In looking at the various perspectives that come to bear of these
issues, the area of address distribution policy is certainly
illustrative of the broader picture. So in this article I'd like to
take a look at the ITU-T's proposal for introducing competition into
the allocation of IP addresses through the proposed establishment of
national IPv6 address registries. We will examine some of the
assumptions about IP addresses that underlie the proposal and look
at the significant issues that the proposal raises regarding
Internet infrastructure and the related task of address resource
management. It is certainly the case that the basic assumptions
about the role of addresses in the Internet that underlie this
proposal are very important ones to consider, as they tend to be
consistent themes of many resources that form a public
good. However, it is also the case that the proposal as it stands
could trigger some unpalatable unintended outcomes for the Internet,
and some likely unpalatable consequences for all of us as users of
this rather unique public utility.

The Proposal

In November of 2004 a proposal has been made for the introduction of
competition into the system of allocation of IP addresses.

The proposal has been made by Houlin Zhao of the ITU-T, and calls
for the ITU-T to establish new IPv6 address registries in each
nation, each of which would compete with the existing Regional
Internet Registries (RIRs).

This proposal has been published as part of the broader
program of work associated with Phase II of the World Summit
on the Information Society (http://www.wsis.org).

A summary of the essential elements of this proposal is:

To allocate an IPv6 address block to the ITU-T, who would then
allocate to each nation a contiguous address block, sufficient to
meet the needs of its national population.

The precise nature of how †the size of such national address
blocks would be determined is not specified in the proposal, so
details as to what would constitute a national requirement and
the anticipated timeframe of such an allocation is also not
described.

That each nation would establish a national registry framework to
manage their national address block.

Whether this would be established as a central service entity
within each nation, or a set of such entities within each
nation, is not covered in the proposal. Whether this would be a
function of a public agency or one that is part of a national,
deregulated industry structure or some other arrangement is not
specified.

That each nation would be able to set whatever policies for address
management that they felt to be appropriate for their individual
national situation.

In setting up such a framework of national address management,
aspects of national sovereignty must be recognised. Any overall
structure that is proposed is of the form of a recommendation
rather than a binding commitment that nations must adhere to.

That such national address registries would be expected to operate
in competition with the established Regional Internet Registry
(RIR) system.

That domestic entities would have a choice of obtaining IPv6
address space using a RIR or using the national address registry
service.

Some Assumptions about Address Attributes

There are a number of underlying assumptions about the
characteristics of IPv6 addresses that lie behind the ITU-T's
proposal, and it is useful to enumerate these in broad terms.

Addresses are a global resource

Addresses are not just numbers - they are an enabler for
communications services.

By inference of their property of being a intrinsic component
of a global communications infrastructure, IP addresses are
also validly to be considered as a global resource. In the
context of the ITU-T's perspective of global activities as
being a matter of coordination and collaboration of various
national activities, the logical implication is that this is
an international issue of resource allocation, and the
resource should be distributed in a manner that is fair in
terms of relative amounts of resource allocation to each
national entity.

Addresses are a public resource

Nations should be able to express their preferences as to how
addresses are spread around.

Public communications systems form part of a public utility
service, and the components of their infrastructure can be
validly considered as resources that form part of a public
good. Following this line of argument, as a public resource,
national public policy processes should be capable of setting
national address access, distribution and use policies, as
determined by national policy environments.

Addresses are a critical resource

If a national community cannot gain access to addresses then
bad things may result for that community.

Each nation should be able to secure national access to
address resources irrespective of actions by other national
entities, or indeed by any entity that does not fall within
the national domain.

Addresses are a network resource

Deployment of communications services and access to addresses
go hand-in-hand.

Access to the benefits of Internet-based communications
services by a national community are predicated by enabling
access to address resources by that community. Securing access
to addresses by national communities is not an end in and of
itself, but is an essential prerequisite for utilizing the
benefits and opportunities of access to the common
communications service.

Addresses are an infinite resource

Addresses may have to last for a very long time.

This is perhaps an overstatement of the assumption. The key
aspect here is that the total capacity of the address plant is
sufficient to accommodate the cumulative sum of national
requirements across some 200 nations, in addition to the
requirements of the established RIR system. Irrespective of
the mechanism of determining national allocations, there is
assumed to be sufficient address resources available to meet
these additional requirements.

Some Issues with the proposal

As it stands, the proposal raises some significant issues that
appear to be counter to the experience gained to date in the
deployment of Internet infrastructure and the related task of
address resource management. While this is not a complete list, and
does not represent an exhaustive analysis of each of these issues,
the following is a summary of the most apparent areas where the
proposal raises matters of concern.

The proposal leads to the creation of policy confusion in addressing

The ITU-T framework respects national sovereignty, and does
not operate though mandate, but uses a structure of
recommendations.

Allowing each national address registry to operate under a
nationally determined policy does not induce an outcome of
conformity across all policy regimes. The expression of
concern here is that this has a direct impact on the stable
and scaleable operation of the Internetís routing system, and
also leads to concerns about the authenticity of addresses
described in associated route objects. There is a relatively
high level of aggregation constraint that is necessary to
ensure that the routing environment continues to scale to the
size of the network. It is unclear how such a diverse set of
address policy domains will be capable of expressing this
necessary common constraint. In addition, in a broad spectrum
of national public policy regimes it is reasonable to expect
that some regimes may elect to associate binding national
address use policies with national address distribution
channels. To date the policies that can be expressed in the
network relate to path preference selection, while address use
constraints, such as variations of propagation controls, have
proved difficult to integrate into the routing system.

The proposal does not align to regional and global business
models

The Internet has developed in a regime of progressive
liberalization of the global telecommunications
environment. Many industry players operate in a number of
national regimes. If an enterprise had to operate their
network within the constraints of a collection of address
policies, and likely also a collection of diverse and
potentially conflicting national address use policies, it
would impose a significant additional imposition on
industry. Does it ultimately benefit the provider or the end
user if a global or regional service enterprise is required to
deal with up to 200 different address sources, each with
various potential use constraints placed on such addresses?

The proposal creates competition regimes based on policy
dilution

The likely outcome of competitive address distribution systems
in an unregulated regime would be the progressive dilution of
associated access policies and procedures, and a continuing
acceleration in address space allocation rates. This would
lead to premature exhaustion of the entire address pool, even
one as large at the IPv6 address space, resulting from poor
constraint signalling within the market due to the partitioned
nature of the market and the particular nature of addresses as
a market commodity. This outcome would appear to compromise
the fundamental goals of responsible stewardship of a finite,
common public resource, and would create irrevocable outcomes
resulting from an artificially induced excessive consumption of the
resource.

The proposal creates impetus for rapid consumption through
address hoarding

The poor level of market signalling in such a competitive,
partitioned supply system would increase the constraint of
perceptions of a finite supply. Together with common policy
dilution, as well as deliberate maintenance of national
address reserves, this would rapidly lead to induced rapid
consumption of the entire available resource. This hoarding
behaviour, coupled with the exhaustion of the neutral supply
of new addresses into the market, would lead to the generation
of trading markets, where addresses are placed into the role
of a commodity supply. The consequent distortion of the role
of addresses would have negative impacts on the network,
running the risk of addresses being withheld from the network
so that they could be released with potentially higher
exploitative returns on the associated trading market. This
also leads to incentives for address fraud in order to reap
the rewards of generating more addresses into the trading
market for rapid financial gain. It is also possible for
national entities to see this as a form of foreign income, in
the same manner as existing practices in certain country code
domain names. This could result in national address blocks
being deliberately withheld from meeting local needs in order
to facilitate the formation of a trading market upon which the
withheld resources could be played as a foreign currency
revenue stream. To call this form of outcome chaotic and
undesirable should be considered an understatement.

The proposal has no visible relationship to known routing capabilities

Address distribution functions are deliberately constrained in
order to achieve a number of common outcomes. One of these
outcomes is to limit the number of address prefixes that enter
the routing system, in order to ensure that the routing system
stays within the constraints of the capabilities of the
routing system. The removal of that constraint through the
progressive dilution of address distribution policies as they
relate to aggregation capability would potentially place
unconstrained growth strains on the routing system. There is
also the risk that national address use constraints would be
introduced which would assume a level of policy-based control
over route propagation that would conflict with the capability
of Internet routing technology.

The proposal eliminates the common interest in one network

This proposal may well place shorter term national interests
above the common network interest, leading to a localized set
of interests being considered more important than the network
itself. The question here is whether national registry
structures will be willing to apply constraints to their
function in order to meet a common objective of a scaleable
and sustainable routing system. Environmental economics has
previously demonstrated that, in such situations, it is often
the case that longer term, common interests are not given
primary importance.

- The proposal compromises any hope of enhancing routing integrity
and security

The proposal eliminates the goal of a robust and resilient
trust hierarchy to support a viable, secure network routing
environment. Distributed trust systems, such as those being
proposed for securing inter-domain routing and securing the
integrity of the address plant when it is passed into the
routing environment, rely on a clear grounding in reliable
trust anchors. It is an open question whether every nation
state at all times would be able to operate such a system at
such levels of integrity. This question is particularly
relevant when there are potential benefits in operating an
address registry in a competitive environment where the
competition discriminator includes policy dilution.

- The proposal creates further churn in perceptions of the
stability and viability of IPv6

In the case of the Internet, addressing lies at the very heart
of the network. Without a framework of stable, unique and
ubiquitous addresses there is no single cohesive
network. Without a continuing stable supply of addresses,
further growth of the network simply cannot be
sustained. Without absolute confidence in the continuing
stability in this supply chain, the global communications
industry will inevitably be forced to look elsewhere for a
suitable technology platform to meet the needs of networked
data communications. If the industry is pushed into such an
uncomfortable position of turning its attention elsewhere,
simply because the Internet is incapable of operating its
infrastructure in a stable, consistent and cost effective
manner, this would be a most unfortunate, unintended outcome
for the Internet and the billions of current and future users
of this uniquely valuable common resource.

Some Options to Respond

There are some options for consideration by a broader community of
stakeholders related to this proposal. On the basis of a
considerable body of experience gained in the task of address
stewardship of Internet protocol addresses there are a number of
ways in which the stakeholder communities could offer some form of
contribution to the ITU-T and also to the World Summit for the
Internet Society, wherein this ITU-T proposal may be considered.

Agree:

It may be that the general perception of the benefits
of this form of diversity of address distribution far
outweigh the concerns here, in which case the
appropriate option may be to encourage this proposal to
move forward.

Disagree:

On the other hand, it may be that the general perception
of the risks associated with this proposal are at such a
level that the proposal, if implemented in any form,
would unleash an irrevocable set of actions that would
threaten the future viability of adoption of the IPv6
global network. In such a case it would be responsible
to disagree strongly with the proposal and highlight the
basis upon which such disagreement is based.

Discuss:

Another option is to "discuss". If there is a perception
of some degree of validity in the set of assumptions
relating to attributes of addresses, and in the related
proposition that national interests are an integral
component of this environment, then further discussion
would be an appropriate course of action. In such a
scenario there may be value in an exploration of
mechanisms that could accommodate the underlying
perspectives and mitigate, or even eliminate, the
set of concerns associated with the current ITU-T
proposal.

Much time, effort, money and hope has been invested in the World
Summit on the Information Society over the past several years. It
is reasonable to predict that there will be a number of resolutions
passed at this summit, and little doubt that some of these
resolutions will take stances that are at some variance with the
current structure. Whether we will be capable of achieving a wise
and sustaining balance between these public sector interests and the
strictures of common constraint that enable cost effective
technology to be deployed efficiently in a public utility mode is
just one of those areas where we will probably need to wait to find
out.

And, yes, I promise to leave the rarefied heights of policies
and return to a geek topic next month!

Geoff Huston
April 2005

Disclaimer

The above views do not necessarily represent the views or positions of
the Asia Pacific Network Information Centre

About the Author

GEOFF HUSTON holds a B.Sc. and a M.Sc. from the Australian National University. He has been closely
involved with the development of the Internet for the past decade, particularly within Australia,
where he was responsible for the initial build of the Internet within the Australian academic and
research sector. He is author of a number of Internet-related books. He is the Senior Internet
Research Scientist at the Asia Pacific Network Information Centre, the Regional Internet Registry
serving the Asia Pacific region.

Disclaimer

The views expressed are the author’s and not those of APNIC, unless APNIC is specifically identified as the author of the communication. APNIC will not be legally responsible in contract, tort or otherwise for any statement made in this publication.

About the Author

GEOFF HUSTON B.Sc., M.Sc., has been closely involved with the development of the Internet for many years, particularly within Australia, where he was responsible for the initial build of the Internet within the Australian academic and research sector. He is author of a number of Internet-related books, and has been active in the Internet Engineering Task Force for many years.